systemd-resolved.service is active after initrd

random-archer / mkinitcpio-systemd-tool

Provisioning tool for systemd in initramfs (systemd-tool)

https://www.archlinux.org/packages/community/any/mkinitcpio-systemd-tool/

Other

112 stars 27 forks source link

systemd-resolved.service is active after initrd #75

Closed ArchangeGabriel closed 4 years ago

ArchangeGabriel commented 4 years ago

In the network service, there is Requires=systemd-resolved.service and a lot of things around DNS resolution. This is an issue for me, as the service keep running even after initrd.

I don’t know a use case of having DNS resolution at that time, so I’m inclined to remove everything related to this. But at the very least can we make sure the service is stopped at the end of initrd?

Andrei-Pozolotin commented 4 years ago

RE: a lot of things around DNS resolution
- Requires=systemd-resolved.service is used (historically) to help with initial setup / network config debug
RE: the service keep running even after initrd

initrd-network.service (and its hard dependencies) should not be enabled outside of initrd mode due to ConditionPathExists=/etc/initrd-release stanza
this is likely an issue specific to your setup, please try to trace dependencies more carefully
for example, one could use systemd-analyze: https://www.freedesktop.org/software/systemd/man/systemd-analyze.html

systemd-analyze dot systemd-resolved* | dot -T png > systemd-resolved.png

systemd-analyze dot initrd* | dot -T png > systemd-total.png

systemd-analyze dot --order initrd* | dot -T png > systemd-order.png

systemd-analyze dot --require initrd* | dot -T png > systemd-require.png

ArchangeGabriel commented 4 years ago

Not sure if I was clear, but resolved is started during initrd, and never stopped. Anyway, here are the pictures.

systemd-order systemd-require systemd-resolved systemd-total

Andrei-Pozolotin commented 4 years ago

resolved is started during initrd, and never stopped

ok, then:

if you comment out Requires=systemd-resolved.service in initrd-network.service
is systemd-resolved.service still active after initrd?

ArchangeGabriel commented 4 years ago

If I comment out this line, systemd-resolved is never started, and thus is not active after initrd (nor during it).

Andrei-Pozolotin commented 4 years ago

ok, thinking

Andrei-Pozolotin commented 4 years ago

please verify the following workaround: https://www.freedesktop.org/software/systemd/man/systemd.unit.html#StopWhenUnneeded=

create service overrides

/etc/systemd/system/systemd-networkd.service.d/override.conf

[Unit]
StopWhenUnneeded=yes

/etc/systemd/system/systemd-resolved.service.d/override.conf

[Unit]
StopWhenUnneeded=yes

remove service autostart

systemctl disable systemd-networkd.service
systemctl disable systemd-resolved.service

refresh service cache

systemctl daemon-reload

perform image rebuild and system reboot
```
mkinitcpio -p linux
systemctl reboot
```
confirm that both services are active during initrd and inactive during rootfs

Andrei-Pozolotin commented 4 years ago

there seems no elegant way to make this any more simple, so will treat this use case and the workaround as a "feature" not a "bug"

MahouShoujoMivutilde commented 3 years ago

The workaround works fine, thanks.

ArchangeGabriel commented 2 years ago

Sorry for the long delay (for some reason both unbound and systemd-resolved were binding to :53 without issue, so my system happened to work even if I did not take care of this, but after recently upgrading with the tinyssh key changes I’ve remembered about this issue), but indeed the workaround works fine, and since I’m using systemd-networkd I’ve only add the override for systemd-resolved, and that was enough. Maybe this should be documented then?